September 19, 2016

Web Exploitation 104 & Exploitation 104

The first half of the lecture covers Web Application Firewalls (WAFs), and how they are often trivially bypassed. The second half of the lecture covers and presents a walkthrough of alphnumeric, polymorphic, connect-back shellcode payload development techniques that are often used against WAFs, IDS, IPS, and other defenses. Connect back shellcode development is discussed for linux systems.